Untitled

a guest
Mar 15th, 2014
  1. Logfile of Trend Micro HijackThis v2.0.5
  2. Scan saved at 10:11:55 AM, on 3/17/2014
  3. Platform: Windows Vista SP2 (WinNT 6.00.1906)
  4. MSIE: Internet Explorer v9.00 (9.00.8112.16483)
  5.  
  6. FIREFOX: 13.0.1 (en-US)
  7. Boot mode: Normal
  8.  
  9. Running processes:
  10. C:\Windows\Explorer.EXE
  11. C:\ProgramData\BrowserProtect\2.6.1095.52\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserProtect.exe
  12. C:\ProgramData\DatacardService\DCSHelper.exe
  13. C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe
  14. C:\Program Files\TuneUp Utilities 2011\TuneUpUtilitiesApp32.exe
  15. C:\Windows\System32\jmdp\stij.exe
  16. C:\Program Files\Windows Media Player\wmpnscfg.exe
  17. C:\Windows\system32\wbem\unsecapp.exe
  18. C:\Program Files\Core Temp\Core Temp.exe
  19. C:\Program Files\Java\jre7\bin\javaw.exe
  20. C:\Program Files\Opera\Opera.exe
  21. C:\Windows\system32\SearchFilterHost.exe
  22. C:\Windows\explorer.exe
  23. C:\Users\Jimbo\Documents\HijackThis.exe
  24.  
  25. R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.114116.info
  26. R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.yahoo.com/search/ie.html
  27. R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://search.b1.org/?bsrc=4hixr&chid=c162341
  28. R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.ask.com/?l=dis&o=15183
  29. R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://en.ph.acer.yahoo.com
  30. R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
  31. R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://search.phpnuke.org/?lang=en&q={searchTerms}
  32. R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.phpnuke.org/?lang=en
  33. R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
  34. R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
  35. R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
  36. R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
  37. R3 - URLSearchHook: UrlSearchHook Class - {00000000-6E41-4FD3-8538-502F5495E5FC} - C:\Program Files\Ask.com\GenericAskToolbar.dll
  38. R3 - URLSearchHook: uTorrentControl_v2 Toolbar - {7473b6bd-4691-4744-a82b-7854eb3d70b6} - C:\Program Files\uTorrentControl_v2\prxtbuTor.dll
  39. R3 - URLSearchHook: FroggyBoss Class - {539F76FD-084E-4858-86D5-62F02F54AE86} - C:\Program Files\Minibar\Froggy.dll
  40. O1 - Hosts: ::1 localhost
  41. O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
  42. O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - c:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
  43. O2 - BHO: MSS+ Identifier - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files\McAfee Security Scan\3.0.313\McAfeeMSS_IE.dll
  44. O2 - BHO: Babylon toolbar helper - {2EECD738-5844-4a99-B4B6-146BF802613B} - C:\Program Files\BabylonToolbar\BabylonToolbar\1.8.11.10\bh\BabylonToolbar.dll
  45. O2 - BHO: IB Updater Helper - {336D0C35-8A85-403a-B9D2-65C292C39087} - C:\Program Files\IB Updater\Extension32.dll
  46. O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG10\avgssie.dll
  47. O2 - BHO: TBSB01620 - {58124A0B-DC32-4180-9BFF-E0E21AE34026} - C:\Program Files\IMinent Toolbar\tbcore3.dll
  48. O2 - BHO: Incredibar.com Helper Object - {6E13DDE1-2B6E-46CE-8B66-DC8BF36F6B99} - C:\Program Files\Incredibar.com\incredibar\1.5.11.14\bh\incredibar.dll
  49. O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL
  50. O2 - BHO: uTorrentControl_v2 - {7473b6bd-4691-4744-a82b-7854eb3d70b6} - C:\Program Files\uTorrentControl_v2\prxtbuTor.dll
  51. O2 - BHO: Funmoods Helper Object - {75EBB0AA-4214-4CB4-90EC-E3E07ECD04F7} - C:\Program Files\Funmoods\1.5.23.22\bh\escort.dll
  52. O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
  53. O2 - BHO: ShowBarObj Class - {83A2F9B1-01A2-4AA5-87D1-45B6B8505E96} - C:\Acer\Empowering Technology\eDataSecurity\x86\ActiveToolBand.dll
  54. O2 - BHO: MrFroggy - {856E12B5-22D7-4E22-9ACA-EA9A008DD65B} - C:\Program Files\Minibar\Froggy.dll
  55. O2 - BHO: AVG Security Toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files\AVG Secure Search\18.0.0.248\AVG Secure Search_toolbar.dll
  56. O2 - BHO: IMinent WebBooster - {A09AB6EB-31B5-454C-97EC-9B294D92EE2A} - C:\Program Files\Iminent\Iminent.WebBooster.InternetExplorer.dll
  57. O2 - BHO: Minibar BHO - {AA74D58F-ACD0-450D-A85E-6C04B171C044} - C:\Program Files\Minibar\Kango.dll
  58. O2 - BHO: Free Download Manager - {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - C:\Program Files\Free Download Manager\iefdm2.dll
  59. O2 - BHO: Ask Toolbar BHO - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll
  60. O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
  61. O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
  62. O3 - Toolbar: Acer eDataSecurity Management - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\Acer\Empowering Technology\eDataSecurity\x86\eDStoolbar.dll
  63. O3 - Toolbar: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file)
  64. O3 - Toolbar: AVG Security Toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files\AVG Secure Search\18.0.0.248\AVG Secure Search_toolbar.dll
  65. O3 - Toolbar: uTorrentControl_v2 Toolbar - {7473b6bd-4691-4744-a82b-7854eb3d70b6} - C:\Program Files\uTorrentControl_v2\prxtbuTor.dll
  66. O3 - Toolbar: Incredibar Toolbar - {F9639E4A-801B-4843-AEE3-03D9DA199E77} - C:\Program Files\Incredibar.com\incredibar\1.5.11.14\incredibarTlbr.dll
  67. O3 - Toolbar: (no name) - {D0F4A166-B8D4-48b8-9D63-80849FE137CB} - (no file)
  68. O3 - Toolbar: Ask Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll
  69. O3 - Toolbar: IMinent Toolbar - {977AE9CC-AF83-45E8-9E03-E2798216E2D5} - C:\Program Files\IMinent Toolbar\tbcore3.dll
  70. O4 - HKCU\..\Run: [WallpaperChanger] C:\Program Files\Wallpaper Master\Wallpaper.exe
  71. O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
  72. O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
  73. O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
  74. O4 - HKUS\S-1-5-21-806437990-3503812967-1642983055-1001\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun (User 'GAME')
  75. O4 - HKUS\S-1-5-21-806437990-3503812967-1642983055-1001\..\Run: [Dxtory Update Checker 2.0] C:\Program Files\Dxtory Software\Dxtory2.0\UpdateChecker.exe (User 'GAME')
  76. O4 - HKUS\S-1-5-21-806437990-3503812967-1642983055-1001\..\Run: [SDP] C:\Program Files\FilesFrog Update Checker\update_checker.exe /auto (User 'GAME')
  77. O4 - HKUS\S-1-5-21-806437990-3503812967-1642983055-1001\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /minimized /regrun (User 'GAME')
  78. O4 - HKUS\S-1-5-21-806437990-3503812967-1642983055-1001\..\Run: [Steam] "D:\steam\Steam.exe" -silent (User 'GAME')
  79. O4 - HKUS\S-1-5-21-806437990-3503812967-1642983055-1002\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun (User '4internetuse')
  80. O4 - HKUS\S-1-5-21-806437990-3503812967-1642983055-1003\..\Run: [Free Download Manager] C:\Program Files\Free Download Manager\fdm.exe -autorun (User 'Bleached asshole')
  81. O4 - HKUS\S-1-5-21-806437990-3503812967-1642983055-1005\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun (User 'Test')
  82. O4 - HKUS\S-1-5-21-806437990-3503812967-1642983055-1006\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'Rollbackaccount')
  83. O4 - HKUS\S-1-5-21-806437990-3503812967-1642983055-1006\..\RunOnce: [AcerScrSav] C:\Windows\Acer\run_NB.exe (User 'Rollbackaccount')
  84. O4 - S-1-5-21-806437990-3503812967-1642983055-1002 Startup: IconPackager.lnk = C:\Program Files\Stardock\MyColors\IconPackager.exe (User '4internetuse')
  85. O4 - S-1-5-21-806437990-3503812967-1642983055-1002 User Startup: IconPackager.lnk = C:\Program Files\Stardock\MyColors\IconPackager.exe (User '4internetuse')
  86. O4 - S-1-5-21-806437990-3503812967-1642983055-1003 Startup: IconPackager.lnk = C:\Program Files\Stardock\MyColors\IconPackager.exe (User 'Bleached asshole')
  87. O4 - S-1-5-21-806437990-3503812967-1642983055-1003 User Startup: IconPackager.lnk = C:\Program Files\Stardock\MyColors\IconPackager.exe (User 'Bleached asshole')
  88. O4 - S-1-5-21-806437990-3503812967-1642983055-1005 Startup: IconPackager.lnk = C:\Program Files\Stardock\MyColors\IconPackager.exe (User 'Test')
  89. O4 - S-1-5-21-806437990-3503812967-1642983055-1005 User Startup: IconPackager.lnk = C:\Program Files\Stardock\MyColors\IconPackager.exe (User 'Test')
  90. O4 - S-1-5-21-806437990-3503812967-1642983055-1006 User Startup: IconPackager.lnk = C:\Program Files\Stardock\MyColors\IconPackager.exe (User 'Rollbackaccount')
  91. O4 - .DEFAULT User Startup: IconPackager.lnk = C:\Program Files\Stardock\MyColors\IconPackager.exe (User 'Default user')
  92. O8 - Extra context menu item: Download all with Free Download Manager - file://C:\Program Files\Free Download Manager\dlall.htm
  93. O8 - Extra context menu item: Download selected with Free Download Manager - file://C:\Program Files\Free Download Manager\dlselected.htm
  94. O8 - Extra context menu item: Download video with Free Download Manager - file://C:\Program Files\Free Download Manager\dlfvideo.htm
  95. O8 - Extra context menu item: Download with Free Download Manager - file://C:\Program Files\Free Download Manager\dllink.htm
  96. O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
  97. O8 - Extra context menu item: Send image to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
  98. O8 - Extra context menu item: Send page to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
  99. O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - (no file)
  100. O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - (no file)
  101. O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
  102. O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
  103. O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
  104. O9 - Extra button: Change your facebook look - {AAA38851-3CFF-475F-B5E0-720D3645E4A5} - C:\Program Files\Minibar\MinibarButton.dll
  105. O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
  106. O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
  107. O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
  108. O15 - Trusted IP range: http://192.168.1.1
  109. O15 - ESC Trusted IP range: http://192.168.1.1
  110. O17 - HKLM\System\CCS\Services\Tcpip\..\{FA15B6FE-CB02-467F-BDC1-712BBC549EA8}: NameServer = 208.67.222.222,208.67.220.220
  111. O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\MICROS~2\Office12\GR99D3~1.DLL
  112. O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG10\avgpp.dll
  113. O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
  114. O18 - Protocol: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files\Common Files\AVG Secure Search\ViProtocolInstaller\18.0.0\ViProtocol.dll
  115. O20 - AppInit_DLLs: c:\progra~2\browse~2\261095~1.52\{c16c1~1\browse~1.dll
  116. O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll
  117. O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
  118. O23 - Service: Avira AntiVir Scheduler (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe
  119. O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
  120. O23 - Service: Autodesk Licensing Service - Autodesk - C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe
  121. O23 - Service: AVG Firewall (avgfws) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG10\avgfws.exe
  122. O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe
  123. O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG10\avgwdsvc.exe
  124. O23 - Service: Traffic Shaper XP Server (bcserver) - Unknown owner - C:\Program.exe (file missing)
  125. O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
  126. O23 - Service: BrowserProtect - Unknown owner - C:\ProgramData\BrowserProtect\2.6.1095.52\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserProtect.exe
  127. O23 - Service: Disc Soft Bus Service - Disc Soft Ltd - C:\Program Files\DAEMON Tools Ultra\DiscSoftBusService.exe
  128. O23 - Service: eDataSecurity Service - Egis Incorporated - C:\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe
  129. O23 - Service: eLock Service (eLockService) - Acer Inc. - C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe
  130. O23 - Service: eNet Service - Acer Inc. - C:\Acer\Empowering Technology\eNet\eNet Service.exe
  131. O23 - Service: eRecovery Service (eRecoveryService) - Acer Inc. - C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe
  132. O23 - Service: eSettings Service (eSettingsService) - Unknown owner - C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe
  133. O23 - Service: Globe Tattoo Broadband. OUC (Globe Tattoo Broadband. RunOuc) - Unknown owner - C:\Program Files\Globe Tattoo Broadband\UpdateDog\ouc.exe
  134. O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
  135. O23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
  136. O23 - Service: LogMeIn Hamachi Tunneling Engine (Hamachi2Svc) - LogMeIn Inc. - C:\Program Files\LogMeIn Hamachi\hamachi-2.exe
  137. O23 - Service: HWDeviceService.exe - Unknown owner - C:\ProgramData\DatacardService\HWDeviceService.exe
  138. O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
  139. O23 - Service: IBUpdaterService - Unknown owner - C:\Windows\system32\dmwu.exe
  140. O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
  141. O23 - Service: McAfee Security Scan Component Host Service (McComponentHostService) - McAfee, Inc. - C:\Program Files\McAfee Security Scan\3.0.313\McCHSvc.exe
  142. O23 - Service: MobilityService - Unknown owner - C:\Acer\Mobility Center\MobilityService.exe
  143. O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
  144. O23 - Service: O2Micro Flash Memory Card Service (o2flash) - O2Micro International - C:\Program Files\O2Micro Oz128 Driver\o2flash.exe
  145. O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
  146. O23 - Service: Raw Socket Service (RS_Service) - Acer Inc. - C:\Program Files\Acer\Acer VCM\RS_Service.exe
  147. O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe
  148. O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe
  149. O23 - Service: TOSHIBA Bluetooth Service - TOSHIBA CORPORATION - C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe
  150. O23 - Service: TuneUp Utilities Service (TuneUp.UtilitiesSvc) - TuneUp Software - C:\Program Files\TuneUp Utilities 2011\TuneUpUtilitiesService32.exe
  151. O23 - Service: vToolbarUpdater18.0.0 - Unknown owner - C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\18.0.0\ToolbarUpdater.exe
  152. O23 - Service: Stardock WindowBlinds (WindowBlinds) - Stardock Corporation - C:\Program Files\Stardock\MyColors\VistaSrv.exe
  153. O23 - Service: ePower Service (WMIService) - acer - C:\Acer\Empowering Technology\ePower\ePowerSvc.exe
  154.  
  155. --
  156. End of file - 16822 bytes